Hi Markus
Thanks for this hint. Is it true, that the msktutil checks, if a DC
could "speak" with AES and then update the
msDS-SupportedEncryption-Type-Attribut on the computer-object in the
active-directory? In my case, I had this behaviour. And I don't know
exactly, if it's msktutil's guilt.
Tom
Hi Tom,
AES is a stronger encryption than RC4, why it is selected first by clients
who support it (Windows 7,Vista, 2008, newer MIT/Heimdal versions on Unix).
XP/Windows 2003 clients will continue to use RC4 as AES is not supported in
XP/Windows 2003 .
Markus
"Tom Tux" wrote in message
